Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog project blog vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-27174
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and previous versions allows a remote unauthenticated malicious user to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
Easy Blog Project Easy Blog
668
VMScore
CVE-2020-21179
Sql injection vulnerability in koa2-blog 1.0.0 allows remote malicious users to Injecting a malicious SQL statement via the name parameter to the signin page.
Koa2-blog Project Koa2-blog 1.0.0
668
VMScore
CVE-2020-21180
Sql injection vulnerability in koa2-blog 1.0.0 allows remote malicious users to Injecting a malicious SQL statement via the name parameter to the signup page.
Koa2-blog Project Koa2-blog 1.0.0
383
VMScore
CVE-2019-9765
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
Blog Mini Project Blog Mini 1.0
383
VMScore
CVE-2020-18998
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote malicious users to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
Blog Mini Project Blog Mini 1.0
383
VMScore
CVE-2020-18999
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote malicious users to execute arbitrary code via the component '/admin/submit-articles'.
Blog Mini Project Blog Mini 1.0
NA
CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows malicious users to execute arbitrary code via the 'notifyInfo' parameter.
Javaweb Blog Project Javaweb Blog 1.0
NA
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing malicious users to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
Blog-ssm Project Blog-ssm 1.0
NA
CVE-2022-40036
An issue exists in Rawchen blog-ssm v1.0 allows an malicious user to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
Blog-ssm Project Blog-ssm 1.0
NA
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows remote malicious user to escalate privileges and execute arbitrary commands via the component /upFile.
Javaweb Blog Project Javaweb Blog 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »